This CVE alert is warning about a security vulnerability in the web-based management interface of the Aruba EdgeConnect Enterprise Orchestrator software. The vulnerability allows remote, low-privileged authenticated users to escalate their privileges to those of an administrative user, which could lead to complete system compromise.
In the affected versions of the software (Aruba EdgeConnect Enterprise Orchestrator (on-premises), Aruba EdgeConnect Enterprise Orchestrator-as-a-Service, Aruba EdgeConnect Enterprise Orchestrator-SP and Aruba EdgeConnect Enterprise Orchestrator Global Enterprise Tenant Orchestrators), a flaw in the management interface allows a low-privileged authenticated user to elevate their privileges to those of an administrative user. This could allow the attacker to access sensitive data, modify configurations, and execute commands with administrative privileges.
Successful exploitation of the vulnerability could result in the complete compromise of the affected system, which could have serious consequences for the security and integrity of the network and the data it contains.
In summary, this CVE alert is warning about a vulnerability in the Aruba EdgeConnect Enterprise Orchestrator software that allows remote low-privileged authenticated users to escalate their privileges